package personal.lijun.skeleton.web.access.expression;

import org.springframework.security.access.expression.SecurityExpressionOperations;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
import org.springframework.security.web.access.expression.WebSecurityExpressionRoot;
import org.springframework.stereotype.Component;

/**
 * @Auther: lijun@sstcsoft.com
 * @Date: 2019/9/18 16:43
 */
@Component
public class CustomWebSecurityExpressionHandler  extends DefaultWebSecurityExpressionHandler {
    private  final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
    protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, FilterInvocation fi){
        WebSecurityExpressionRoot root = new CustomWebSecurityExpressionRoot(authentication,fi);
        root.setPermissionEvaluator(getPermissionEvaluator());
        root.setTrustResolver(trustResolver);
        root.setRoleHierarchy(getRoleHierarchy());
        return root;
    }
}
